literally just bought bitdefender for Mac yesterday, haha. Oh well. Next year I'll give it a shot.

Eh, I wouldn't sweat it too much. BitDefender has a lot of the same pros as Windows Defender: light resource usage, only throws up alerts for actual problems, and doesn't sneak in a bunch of obnoxious extra crap like browser toolbars. If Windows Defender wasn't included with the OS, BitDefender is most likely what I would run.

Ever since it came out as a separate application (as Microsoft Security Essentials) for Windows 7, MSE/Windows Defender has been my only choice for Windows installations. As others have said, who better to trust than the company who's also making the OS you're running their antivirus on? It certainly helps that the software is far less annoying than any other option I'm aware of (in particular, it doesn't try to sell you anything!), seems to be less resource-intensive, and is baked in to Windows 10. I try to recommend sticking with it to anyone who asks me about antivirus solutions for a home machine.

However, it seems a little weird to me for MS to branch out to other OSes, since on those they're "just" another third-party developer. But I have confidence that they can still produce a good application - as long as it doesn't try to sell OneDrive subscriptions or something.

Ever tried uninstalling McAfee? I couldn't tell the difference between it and a resource burning virus. My father (who, as a programmer, should absolutely know better) had two different anti-virus platforms on a single Win10 laptop. It would take 20-30 seconds from opening a program (anything, didn't matter what it was) before it actually responded to the command. Even the search function under the Start menu would take 10-15 seconds to respond to keyboard presses.

I got all the "anti" malware software uninstalled and pushed the machine back to using Windows Defender - suddenly, most of the performance related problems disappeared. He probably needs a re-image anyway, but it took more time to remove all of that garbage from the machine than it took to prepare my federal and state taxes for this year.

Hasn't Windows Defender suffered from a handful of bugs in the past few years that caused it to act as an attack vector?

I will not be installing this resource-sucking attack vector on my Mac.

All AV products increase your attack surface, it's the nature of the beast. But I'd rather one produced by my OS manufacturer, since they're already the guys writing all the privileged code I rely on.

A new laptop came with norton, and I swear to god it was more irritating than most malware.

Norton did a GREAT job protecting my desktop computer. NOTHING would ever get by it.

No, really -- Norton decided to "clean up" a file with a "low reputation" because few people had it and it was fairly new..........that file happened to be the updated manufacturer driver for the Marvell SATA/RAID controller motherboard had which my C:\ drive was on.

So yeah, if your disks (including boot disk) are no longer accessible, I would wager no virus could ever get on it.

EDIT: Oh, and then there was Norton on my parents tablet, which decided that ALL networks were malicious and wouldn't let you access anything, including downloading updates to fix the bad update. That was a fun day trying to fix.

I work for a managed services provider and am the primary engineer assigned to multiple clients that primarily use Mac. The notion that malware for Mac is "rare" is absolutely absurd. I had to sign up for an account to post this comment because I am really shocked to see such an obvious falsehood posted on Ars. Seriously- what are you thinking? Macs get malware ALL THE TIME.

New Poster - astroturfing? There is zero evidence of this happening; not because macOS is superior, but comes configured with sensible defaults compared to Windows.I'd also like to add that Apple issues silent updates for security and updates Safari for anti-phishing now as well. Pretty sure that Microsoft did this to throw shade at macOS.

I work for a managed services provider and am the primary engineer assigned to multiple clients that primarily use Mac. The notion that malware for Mac is "rare" is absolutely absurd. I had to sign up for an account to post this comment because I am really shocked to see such an obvious falsehood posted on Ars. Seriously- what are you thinking? Macs get malware ALL THE TIME.

I think I'd argue its more rare, compared to Windows.

All things are relative...there can be a lot of malware floating about but its still "minimal" compared to the massively-even-more.

That said, almost every time I walk by the Apple kiosk at BestBuy I hear the salesperson making a pitch to some customer "and you don't need antivirus because Macs can't get viruses" making me cringe. It may be (presently) less frequent but "can't" is the incorrect term.

Also, the more popular they become, the greater interest attackers will have in them. They want a good return on their "investment" of hacking or social engineering.

As much as I dislike Apple, I got to say at this point in time there seems to be a lower likelyhood of malware on MacOS than a Windows box, but it is most certainly not immune.

Ever tried uninstalling McAfee? I couldn't tell the difference between it and a resource burning virus. My father (who, as a programmer, should absolutely know better) had two different anti-virus platforms on a single Win10 laptop. It would take 20-30 seconds from opening a program (anything, didn't matter what it was) before it actually responded to the command. Even the search function under the Start menu would take 10-15 seconds to respond to keyboard presses.

I got all the "anti" malware software uninstalled and pushed the machine back to using Windows Defender - suddenly, most of the performance related problems disappeared. He probably needs a re-image anyway, but it took more time to remove all of that garbage from the machine than it took to prepare my federal and state taxes for this year.

Stories like this is why every Windows 10 computer I touch - whether personally or professionally - gets a clean install of W10 before getting set up. That, and the garbage most OEMs still ship devices with.

I work for a managed services provider and am the primary engineer assigned to multiple clients that primarily use Mac. The notion that malware for Mac is "rare" is absolutely absurd. I had to sign up for an account to post this comment because I am really shocked to see such an obvious falsehood posted on Ars. Seriously- what are you thinking? Macs get malware ALL THE TIME.

What malware have you had to deal with recently?

I've been using Macs almost exclusively for the last 12 years and to my knowledge I haven't been affected by any malware.

I used to work for Geek Squad and I saw Macs with malware all the time. You haven't been infected by malware on your Mac because you don't do dumb things. You're in the minority.

This is somewhat less common since Gatekeeper blocks non-store apps by default, but I assure you that plenty of people will happily go into System Preferences to turn it off if the porn site they're on says they can't see the videos unless they do that first.

True enough, but outside of infosec circles the terms virus and malware are typically used interchangeably. Antivirus software typically protects against trojans, worms, etc, not simply viruses. Most of the big Windows malware from the bad old days were worms, not viruses, but I don't recall people being so picky about precise terminology in those instances. It's only in Apple apologia that those hairs are split.

I work for a managed services provider and am the primary engineer assigned to multiple clients that primarily use Mac. The notion that malware for Mac is "rare" is absolutely absurd. I had to sign up for an account to post this comment because I am really shocked to see such an obvious falsehood posted on Ars. Seriously- what are you thinking? Macs get malware ALL THE TIME.

What malware have you had to deal with recently?

I've been using Macs almost exclusively for the last 12 years and to my knowledge I haven't been affected by any malware.

I used to work for Geek Squad and I saw Macs with malware all the time. You haven't been infected by malware on your Mac because you don't do dumb things. You're in the minority.

This is somewhat less common since Gatekeeper blocks non-store apps by default, but I assure you that plenty of people will happily go into System Preferences to turn it off if the porn site they're on says they can't see the videos unless they do that first.

I don't doubt you but I'm still curious about what specific malware people are getting these days. I would like to read more about it.

Probably a stupid question but a genuine one: If I've got an all-Linux network and follow good security practices (e.g. Only install trusted software, strong passwords/public key auth), do I really need antivirus?

If you mean you are the only human using this network, I'd say no. If you have non-technical users (who can use Linux?) you might want it as an extra layer of protection as you can't rely on their safety practices.

I've gone my entire run of using Mac OS X (since c. 2001) without antivirus. No problems. But a family member recently downloaded malware to their Mac from a fake flash updater popup (fortunately they didn't run the payload). Antivirus caught it. So I know there's definitely exploits out there, and I'm sure there are for Linux as well. If you can train yourself and others not to click on popups, but to go directly to the official vendor website, or use the update function within the software, you'll eliminate a lot of the risk.

Some of those Microsoft services are shockingly good and useful. Laptop gets stolen -> Webcam takes a picture when a bad password is entered. And you get rich security features like automatic remote wipe usually reserved for enterprise class MDMs.

Some of those Microsoft services are shockingly good and useful. Laptop gets stolen -> Webcam takes a picture when a bad password is entered. And you get rich security features like automatic remote wipe usually reserved for enterprise class MDMs.

Sure. But it isn't an important security alert. When my tray icon lights up with an urgent "!" I would hope there's an actual issue and not simply an advertisement.

I work for a managed services provider and am the primary engineer assigned to multiple clients that primarily use Mac. The notion that malware for Mac is "rare" is absolutely absurd. I had to sign up for an account to post this comment because I am really shocked to see such an obvious falsehood posted on Ars. Seriously- what are you thinking? Macs get malware ALL THE TIME.

New Poster - astroturfing? There is zero evidence of this happening; not because macOS is superior, but comes configured with sensible defaults compared to Windows.I'd also like to add that Apple issues silent updates for security and updates Safari for anti-phishing now as well. Pretty sure that Microsoft did this to throw shade at macOS.

There is plenty of evidence of this happening. I work IT in a K-12 school with a BYOD in 6-12. I can't tell you how many hours I used to spend removing malware from Macs. While most, not all, adults are smart enough not to click on everything that promises to speed up your computer, or your Flash Player needs updating, you will tell 500 middle schoolers this 1000 times and they will turn right around and click on this crap. I ended up having to have a good A/V solution and even then stuff still gets through.

I work for a managed services provider and am the primary engineer assigned to multiple clients that primarily use Mac. The notion that malware for Mac is "rare" is absolutely absurd. I had to sign up for an account to post this comment because I am really shocked to see such an obvious falsehood posted on Ars. Seriously- what are you thinking? Macs get malware ALL THE TIME.

New Poster - astroturfing? There is zero evidence of this happening; not because macOS is superior, but comes configured with sensible defaults compared to Windows.I'd also like to add that Apple issues silent updates for security and updates Safari for anti-phishing now as well. Pretty sure that Microsoft did this to throw shade at macOS.

There is plenty of evidence of this happening. I work IT in a K-12 school with a BYOD in 6-12. I can't tell you how many hours I used to spend removing malware from Macs. While most, not all, adults are smart enough not to click on everything that promises to speed up your computer, or your Flash Player needs updating, you will tell 500 middle schoolers this 1000 times and they will turn right around and click on this crap. I ended up having to have a good A/V solution and even then stuff still gets through.

Why does it seem like nobody is willing to name names when it comes to specific malware that they're having to deal with on Macs...

Probably a stupid question but a genuine one: If I've got an all-Linux network and follow good security practices (e.g. Only install trusted software, strong passwords/public key auth), do I really need antivirus?

Yes.

Or no.

It depends. There are two questions to ask:1. Do you have robust, tested, versioning off-site backups that would allow you to rebuild if you had to recover after an incident?2. Do you exchange files with people or organisations for whom your reputation is important?

The first is kinda obvious. You have to assume that you can rebuild, and do so safely by going back to a pre-infection time.

The second is what people usually forget. If you're a digital Typhoid Mary, then that might really hurt your business or your good standing. If you exchange files regularly with those on platforms which may be less well managed than yours, it may be worth having something that ensures you're not a transmission vector.

I used to run antivirus on Linux. I stopped more because the cloud now means I don't exchange files anymore - my collaborative work has moved to services like Google Docs.

But it could be really damaging - or embarrassing - to pass on malware unwittingly. That's probably your major consideration these days.

I work for a managed services provider and am the primary engineer assigned to multiple clients that primarily use Mac. The notion that malware for Mac is "rare" is absolutely absurd. I had to sign up for an account to post this comment because I am really shocked to see such an obvious falsehood posted on Ars. Seriously- what are you thinking? Macs get malware ALL THE TIME.

New Poster - astroturfing? There is zero evidence of this happening; not because macOS is superior, but comes configured with sensible defaults compared to Windows.I'd also like to add that Apple issues silent updates for security and updates Safari for anti-phishing now as well. Pretty sure that Microsoft did this to throw shade at macOS.

There is plenty of evidence of this happening. I work IT in a K-12 school with a BYOD in 6-12. I can't tell you how many hours I used to spend removing malware from Macs. While most, not all, adults are smart enough not to click on everything that promises to speed up your computer, or your Flash Player needs updating, you will tell 500 middle schoolers this 1000 times and they will turn right around and click on this crap. I ended up having to have a good A/V solution and even then stuff still gets through.

Why does it seem like nobody is willing to name names when it comes to specific malware that they're having to deal with on Macs...

These are the three that were found, and deleted, today alone, multiple times. They are all disguised as Flash Player Updates. There are dozens, if not hundreds, of variants of all of these and many others but I don't have there names in front of me right now.OSX/ShlayerOSX/MacOffersOSX/InstallCore

I work for a managed services provider and am the primary engineer assigned to multiple clients that primarily use Mac. The notion that malware for Mac is "rare" is absolutely absurd. I had to sign up for an account to post this comment because I am really shocked to see such an obvious falsehood posted on Ars. Seriously- what are you thinking? Macs get malware ALL THE TIME.

New Poster - astroturfing? There is zero evidence of this happening; not because macOS is superior, but comes configured with sensible defaults compared to Windows.I'd also like to add that Apple issues silent updates for security and updates Safari for anti-phishing now as well. Pretty sure that Microsoft did this to throw shade at macOS.

There is plenty of evidence of this happening. I work IT in a K-12 school with a BYOD in 6-12. I can't tell you how many hours I used to spend removing malware from Macs. While most, not all, adults are smart enough not to click on everything that promises to speed up your computer, or your Flash Player needs updating, you will tell 500 middle schoolers this 1000 times and they will turn right around and click on this crap. I ended up having to have a good A/V solution and even then stuff still gets through.

Why does it seem like nobody is willing to name names when it comes to specific malware that they're having to deal with on Macs...

These are the three that were found, and deleted, today alone, multiple times. They are all disguised as Flash Player Updates. There are dozens, if not hundreds, of variants of all of these and many others but I don't have there names in front of me right now.OSX/ShlayerOSX/MacOffersOSX/InstallCore

Some of those Microsoft services are shockingly good and useful. Laptop gets stolen -> Webcam takes a picture when a bad password is entered. And you get rich security features like automatic remote wipe usually reserved for enterprise class MDMs.

This is all built in with "find my mac" and "file vault". My mac gets stolen, I brick it the next time it's online. GG to the thief, because it's worthless.

I work for a managed services provider and am the primary engineer assigned to multiple clients that primarily use Mac. The notion that malware for Mac is "rare" is absolutely absurd. I had to sign up for an account to post this comment because I am really shocked to see such an obvious falsehood posted on Ars. Seriously- what are you thinking? Macs get malware ALL THE TIME.

New Poster - astroturfing? There is zero evidence of this happening; not because macOS is superior, but comes configured with sensible defaults compared to Windows.I'd also like to add that Apple issues silent updates for security and updates Safari for anti-phishing now as well. Pretty sure that Microsoft did this to throw shade at macOS.

There is plenty of evidence of this happening. I work IT in a K-12 school with a BYOD in 6-12. I can't tell you how many hours I used to spend removing malware from Macs. While most, not all, adults are smart enough not to click on everything that promises to speed up your computer, or your Flash Player needs updating, you will tell 500 middle schoolers this 1000 times and they will turn right around and click on this crap. I ended up having to have a good A/V solution and even then stuff still gets through.

Why does it seem like nobody is willing to name names when it comes to specific malware that they're having to deal with on Macs...

These are the three that were found, and deleted, today alone, multiple times. They are all disguised as Flash Player Updates. There are dozens, if not hundreds, of variants of all of these and many others but I don't have there names in front of me right now.OSX/ShlayerOSX/MacOffersOSX/InstallCore

From my years of supporting some programmers (among others) you could not be more naive about how little those skill sets overlap. Swear to Eris, one programmer wanted the department to buy a new monitor for her, so she printed off the web page advertising it, took it to a multifunction copier, scanned it into email, then forwarded me the resulting upside-down PDF.

I work for a managed services provider and am the primary engineer assigned to multiple clients that primarily use Mac. The notion that malware for Mac is "rare" is absolutely absurd. I had to sign up for an account to post this comment because I am really shocked to see such an obvious falsehood posted on Ars. Seriously- what are you thinking? Macs get malware ALL THE TIME.

New Poster - astroturfing? There is zero evidence of this happening; not because macOS is superior, but comes configured with sensible defaults compared to Windows.I'd also like to add that Apple issues silent updates for security and updates Safari for anti-phishing now as well. Pretty sure that Microsoft did this to throw shade at macOS.

There is plenty of evidence of this happening. I work IT in a K-12 school with a BYOD in 6-12. I can't tell you how many hours I used to spend removing malware from Macs. While most, not all, adults are smart enough not to click on everything that promises to speed up your computer, or your Flash Player needs updating, you will tell 500 middle schoolers this 1000 times and they will turn right around and click on this crap. I ended up having to have a good A/V solution and even then stuff still gets through.

Why does it seem like nobody is willing to name names when it comes to specific malware that they're having to deal with on Macs...

These are the three that were found, and deleted, today alone, multiple times. They are all disguised as Flash Player Updates. There are dozens, if not hundreds, of variants of all of these and many others but I don't have there names in front of me right now.OSX/ShlayerOSX/MacOffersOSX/InstallCore

Good lists, thanks. Why are you giving your users the right to install non-app store or unsigned software? This shouldn't be possible yes? Can you force this kind of setting in Casper for example?

It is because it is BYOD. They own the computers and therefore have admin rights. It was something implemented before I came by a Librarian turned tech that knew nothing about how to manage computers. I have been fighting to change this to no avail, everyone here is stuck in the "old ways that have always worked." Fortunately in a few weeks it won't be my problem anymore.

Good lists, thanks. Why are you giving your users the right to install non-app store or unsigned software? This shouldn't be possible yes? Can you force this kind of setting in Casper for example?

It is because it is BYOD. They own the computers and therefore have admin rights. It was something implemented before I came by a Librarian turned tech that knew nothing about how to manage computers. I have been fighting to change this to no avail, everyone here is stuck in the "old ways that have always worked." Fortunately in a few weeks it won't be my problem anymore.

Even with admin rights, Gatekeeper makes it extremely awkward to run these bogus Flash installers.

The people you support must REALLY want to update their Flash players...

I know of no-one amoung approximately 135 plus regular and dedicated Apple MacOS users, including my wife that would ever consider purchasing any Microsoft security Application, since they chose Apple over Windows based computing in first place because of the greater stability and inherent security that MacOS provides.

The only exceptions of which I am aware include MS Office and Skype. And even those products have an abysmal breakage/security record.

For many years, ClamAV has provided an excellent malware protection utility for MacOS, and since it emanates originally from a credible Not-for-Profit entity, at least MacOS users can feel re-assured there is no planned obsolesce or breakage designed to require constantly paying Microsoft for updates/upgrades, as per usual.

If Microsoft cannot secure their own Operating System (OS), how in God's name can any other software company expect them to secure competitive OS software?

Windows 10 also uses the OneDrive subsystem to save quite a few settings for ease of setting up a new system and the most barebones of barebones back up of vitally important files and the free tier is more than enough to do that. Click through, set it up and then ignore it exists.

I have had several users of MACs click on dumb stuff in emails causing a variety of problems. Then I had to install MAC AV software, which in general, causes more problems that it usually solves (I have tried at least 4 of them). However, it makes the user feel safer.

If this is less intrusive and gives my users peace of mind, I would use it.

I've never been able to understand the correlation between people who view Mac users with contempt, and people who refer to Macs as MACs.

I know of no-one amoung approximately 135 plus regular and dedicated Apple MacOS users, including my wife that would ever consider purchasing any Microsoft security Application, since they chose Apple over Windows based computing in first place because of the greater stability and inherent security that MacOS provides.

The only exceptions of which I am aware include MS Office and Skype. And even those products have an abysmal breakage/security record.

For many years, ClamAV has provided an excellent malware protection utility for MacOS, and since it emanates originally from a credible Not-for-Profit entity, at least MacOS users can feel re-assured there is no planned obsolesce or breakage designed to require constantly paying Microsoft for updates/upgrades, as per usual.

If Microsoft cannot secure their own Operating System (OS), how in God's name can any other software company expect them to secure competitive OS software?

Windows 10 has fewer and less severe CVEs than macOS (and Linux) these days. It's been true for a while now with different versions of Windows taking the top spot.

I'd point you to the relevant page on cvedetails.com, which scrapes the National Vulnerability Database, but the site's down. (A quick search of Google can find sites and blogs that have pulled the data in the past that shows it, but I wanted to point to the latest data on an official site.)